In the last edition, TI Safe News started the series of reports aimed at helping your company to combat cyber risks efficiently. The first episode showed how it is possible to identify cyber risks. Now it's time to understand how to improve monitoring and response capabilities.
Thiago Branquinho, CTO of TI Safe, explains that it is important to establish criteria for measures that allow risk analyses to be compared over time. He details the steps for implementing the process called Risk Management:
- Analysis of all risks.
- Establishment of recommended controls.
- Action for continuous monitoring of controls and threats.
- Improving defenses and response capabilities.
Thiago points out that a good response depends on excellent and complete preparation for an incident: for monitoring and response to cyber risks to be really efficient, companies must first understand what kinds of threats can affect them. For this, in addition to establishing a risk management process, it is important to have a corporate approach to these risks, especially in critical infrastructures. "An obsolete server or a switch affected by humidity can be the initiators of an unscheduled shutdown and cost millions, cause environmental damage and even (in the most extreme cases) take lives," reports the CTO of TI Safe.
Another point of extreme importance in the risk management process, according to the executive, is the training of employees to mitigate cyber risks and impacts on the organization.
For Thiago, employees are an essential part of security. “Keeping everyone aware of the role they need to play in cybersecurity is vital to minimizing incidents. It is important that companies maintain a permanent level of awareness for all employees, including in their supply chain. In addition, system administrators must receive adequate training so that they can ensure the establishment of best security practices,” he concludes.